Im in the middle of making an app for IOS. Its a 2d dungeon crawler that focuses on training your character and collecting loot. I know we've all seen this before but this is just a project for experience. Anyway, I want to make an online auction house where player can sell their loot to other players. I am in the process of enabling match making for 1v1 battles between players. Thats going well but Im not sure how to go about setting up an auction house feature.

Will I need to use a server? or is there a way I can do it similarly to the way Im doing pvp through match making? I understand that it will be hard to give me specific advice when you don't know exactly what i'm doing.

Im using cocos2D for the main game and i'm using Game Centre for the match making. If you need more specific specs just ask.

In both cases, an auction house and a match making service, you need a 'master' server. The clients connect to the server and will either try to find other players (match making) or offer/buy ingame items. In the latter case you although need a DB and a transaction concept. And if you want to have an auction house, you need to manage all character profiles on this server too (to prevent cheating).

Game Center can take care of matchmaking, because it already has servers for doing that.

For an auction house, you need to set up the server yourself. You can use basic HTTP REST services for this. The main important thing to understand is how to make it cheat-resistant.

Specifically, a user may analyze your application, and fake the same kinds of requests that your application makes. If your application makes a request saying "I have a +1 Sword of Doom for sale" then someone could analyze this request, and learn how to make a request saying "I have a +10 Staff of Ultimate Win for sale."

As long as gameplay rules are enforced on the client only, this is not a theoretically solvable problem! (This is one of the reasons why various Diablo economies have collapsed.)

You can do a decent job of raising the bar by using HTTPS and some kind of account system that's tied to the advertiser ID of the device, to avoid too much duplication.

At the very least, you will need a server that houses a database to store your auctions, as well as user accounts, stats, ect. You could use this same server for matchmaking assuming it had the resources available.